IN THE CLAIMS: 

1-37. (cancelled) 

38. (new) A method to protect from unauthorized access electronic data 
objects, each electronic data object being related to a particular medical patient, 
comprising the steps of: 

providing a separate application data store containing said patient related 
electronic data objects, each electronic data object having an associated data object 
identifier to at least one of form structural connections of the data object to groups, 
teams, or references to people, form contextual associations of the data object with 
subject areas or studies, or form affiliation of the data object with clinical studies, 
diagnostic findings, or with diagnostic image types; 

providing a separate user group store for association of a plurality of unique 
medical field user IDs dependent on previously determined information for 
identification and authentication of the medical field users; 

providing a separate data object category store for association of said data 
object identifiers with access right categories; 

providing a separate access right store for associating said medical field user 
IDs with said access right categories so that it can be determined for a particular 
medical field user the type of access allowed for the particular medical field user for 
reading, changing, or deleting information contained in the data objects; 

providing an access control module connected to access said access right 
store, said data object category store, and said user group store and which monitors 
and controls data accesses by said medical field users to said data objects in said 
data application store, said access control module determining a medical field user 
ID from the user group store, and using said medical field user ID, determining an 
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access right category via said access right store, and via access to said data object 
category store, said access control module determinings, using said data object 
identifiers, which access right category is associated with the data object which the 
medical field user is attempting to access. 
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